Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A data controller (DC) system comprising one or more data controller (DC) computing devices for authenticating a user, the one or more DC computing devices comprising at least one processor and a memory, the one or more DC computing devices configured to: receive, as part of a user enrollment process for a digital wallet, first crypto key data including encrypted on-device biometric data, a first device identifier, and a first account identifier; store the first crypto key data within a database in communication with the one or more DC computing devices as historical crypto key data; receive an authentication request message for a payment transaction including second crypto key data, the second crypto key data including a second device identifier, and a second account identifier; correlate the second crypto key data to the historical crypto key data; determine a fraud score for the second transaction, wherein the fraud score is determined based upon the crypto key correlation; automatically generate an authentication response message in response to the authentication request message, the authentication response message including the fraud score; transmit the authentication response message; receive third crypto key data, the third crypto key data associated with a previously approved authentication request; determine the third crypto key data is inconsistent with the historical crypto key data from the digital wallet user enrollment process; and expand the historical crypto key data to include the third crypto key data.
2. The DC system of claim 1, wherein the encrypted on-device biometric data includes on-device biometric data validated by a user computing device.
A system for secure biometric authentication in a distributed computing environment addresses the challenge of protecting sensitive biometric data while enabling reliable user verification. The system encrypts biometric data on the user's device before transmission, ensuring that raw biometric information is never exposed to external systems. This on-device encryption process involves validating the biometric data locally on the user's computing device before encryption, ensuring the data's integrity and authenticity. The validated and encrypted biometric data is then securely transmitted to a central server for authentication or other processing. The system may also include mechanisms for securely storing and managing encrypted biometric data, as well as protocols for securely transmitting the data between devices and servers. By performing biometric validation and encryption on the user's device, the system enhances privacy and security, reducing the risk of data breaches or unauthorized access. The system is particularly useful in applications requiring high-security authentication, such as financial transactions, healthcare systems, or access control.
3. The DC system of claim 1, wherein the first crypto key data is associated with a first user computing device used to complete the digital wallet enrollment process, and wherein the third crypto key data is associated with a second user computing device different from the first user computing device.
A digital wallet enrollment system for secure cryptographic key management involves generating and distributing multiple cryptographic keys across different user devices to enhance security and authentication. The system includes a first cryptographic key associated with a first user device used during the initial digital wallet enrollment process. This key is generated and stored securely to authenticate the user and the device during enrollment. A second cryptographic key is generated and stored on a server or backend system, acting as a reference or backup key for verification purposes. A third cryptographic key is associated with a second user device, distinct from the first, to enable multi-device authentication or recovery processes. The system ensures that the cryptographic keys are securely generated, distributed, and managed, allowing for secure digital wallet access and transactions across multiple devices. The use of separate keys for different devices enhances security by preventing unauthorized access if one device is compromised. The system may also include mechanisms for key rotation, revocation, or recovery to maintain security over time. This approach is particularly useful in financial or identity verification systems where secure authentication across multiple devices is required.
4. The DC system of claim 1 further configured to correlate the second crypto key data and the historical crypto key data by at least performing a lookup of the first account identifier in the database and matching the first account identifier to the second account identifier.
A system for managing cryptographic keys in a distributed computing environment addresses the challenge of securely correlating and validating cryptographic key data across multiple accounts and devices. The system includes a database storing historical cryptographic key data associated with a first account identifier and a processor configured to receive second cryptographic key data associated with a second account identifier. The system correlates the second cryptographic key data with the historical data by performing a lookup of the first account identifier in the database and matching it to the second account identifier. This ensures that cryptographic keys are properly linked to their respective accounts, enabling secure authentication, authorization, and key management operations. The system may also validate the second cryptographic key data against the historical data to detect anomalies or unauthorized access attempts. By maintaining a centralized database of cryptographic key associations, the system enhances security and simplifies key management in distributed environments. The system is particularly useful in scenarios where multiple devices or services need to securely share or validate cryptographic keys across different accounts.
5. The DC system of claim 1 further configured to: store the fraud score within a database as part of the historical data associated with the first crypto key data; and build a fraud score table for the first account identifier, wherein the fraud score table includes one or more fraud scores stored within the database.
A system for detecting and managing fraud in cryptographic transactions involves analyzing transaction data to generate fraud scores and maintaining historical records of these scores. The system processes transaction data associated with a first account identifier and a first cryptographic key, generating a fraud score based on the transaction data. This fraud score is stored in a database as part of the historical data linked to the first cryptographic key. The system also constructs a fraud score table for the first account identifier, which includes one or more fraud scores stored in the database. This table allows for tracking and analysis of fraud patterns over time, enabling improved fraud detection and risk assessment for future transactions. The system may also compare the generated fraud score against a threshold to determine whether the transaction is fraudulent. By maintaining a historical record of fraud scores, the system enhances its ability to identify suspicious activity and mitigate fraud risks.
6. The DC system of claim 5 further configured to generate a fraud score associated with the first account identifier by concatenating a plurality of fraud scores stored in the score table.
A fraud-scoring system for digital wallet authentication keeps a score table of the fraud scores recorded for an account identifier. Here "DC" means the data controller computing devices of claim 1. To produce a fraud score associated with the first account identifier, the system concatenates a plurality of the fraud scores stored in that table, so the account-level score draws on the scores recorded for that account rather than on a single transaction.
7. The DC system of claim 6 further configured to transmit the fraud score associated with the first account identifier to a fraud score requestor.
The data controller (DC) system transmits the account-level fraud score of claim 6 to a fraud score requestor, so that the requestor receives the fraud score associated with the first account identifier.
8. The DC system of claim 1 wherein the historical crypto key data includes a plurality of instances of received crypto key data.
The historical crypto key data held by the data controller (DC) system is not limited to a single record: it includes multiple instances of crypto key data that the system has received. Under claim 1 these are the crypto key data stored at digital wallet enrollment together with later crypto key data added when the history is expanded.
9. The DC system of claim 1, wherein the historical crypto key data associated with the first crypto key data includes historical fraud scores.
A system for managing cryptographic keys in a distributed computing environment addresses the challenge of securely handling and verifying cryptographic keys while detecting and mitigating fraudulent activities. The system includes a distributed ledger that stores cryptographic key data, where each entry is associated with historical data related to the key. This historical data includes fraud scores, which are metrics indicating the likelihood of fraud associated with the key. The system uses these fraud scores to assess the trustworthiness of the key and its associated transactions. By analyzing the historical fraud scores, the system can identify patterns or anomalies that suggest potential fraud, allowing for proactive security measures. The distributed ledger ensures that the key data and its associated fraud scores are immutable and verifiable across multiple nodes, enhancing security and transparency. The system may also include mechanisms for updating or flagging keys based on new fraud detection events, ensuring continuous monitoring and adaptive security responses. This approach improves the reliability and security of cryptographic key management in decentralized systems.
10. The DC system of claim 1 further configured to automatically generate the authentication response message when the fraud score meets a predefined score threshold.
The data controller (DC) system compares the fraud score determined for the payment transaction with a predefined score threshold and automatically generates the authentication response message when the fraud score meets that threshold. As in claim 1, the response message includes the fraud score.
11. A computer-implemented method for authenticating a user, the method implemented using one or more data controller (DC) computing devices coupled to a memory device, the method comprising: receiving, as part of a user enrollment process for a digital wallet, first crypto key data including encrypted on-device biometric data, a first device identifier, and a first account identifier; storing the first crypto key data within a database in communication with the one or more DC computing devices as historical crypto key data; receiving an authentication request message for a payment transaction including second crypto key data, the second crypto key data including a second device identifier, and a second account identifier; correlating the second crypto key data to the historical crypto key data; determining a fraud score for the second transaction, wherein the fraud score is determined based upon the crypto key correlation and historical crypto key data associated with the first account identifier; automatically generating an authentication response message in response to the authentication request message, the authentication response message including the fraud score; transmitting the authentication response message; receiving third crypto key data, the third crypto key data associated with a previously approved authentication request; determining the third crypto key data is inconsistent with the historical crypto key data from the digital wallet user enrollment process; and expanding the historical crypto key data to include the third crypto key data.
This invention relates to a computer-implemented method for authenticating users in digital wallet transactions, addressing the need for secure and fraud-resistant authentication. The method involves a system of data controller (DC) computing devices that process and store cryptographic key data to verify user identity during payment transactions. During user enrollment, the system receives encrypted on-device biometric data, a device identifier, and an account identifier, storing this as historical crypto key data. When a payment transaction occurs, the system receives an authentication request containing new crypto key data, including a device and account identifier. It correlates this data with the stored historical data to determine a fraud score, which evaluates the transaction's legitimacy based on the consistency of the cryptographic keys. The system then generates and transmits an authentication response message containing the fraud score. If a subsequent authentication request is approved but the associated crypto key data is inconsistent with the historical data, the system updates its database by expanding the historical crypto key data to include this new, previously approved data. This adaptive approach improves fraud detection by dynamically incorporating new valid key variations while maintaining security. The method ensures robust authentication by leveraging historical cryptographic data and fraud scoring to mitigate unauthorized transactions.
12. The method of claim 11, wherein the encrypted on-device biometric data includes on-device biometric data validated by a user computing device.
A method for securely processing biometric data involves encrypting biometric data on a user computing device before transmission to a remote server. The encrypted biometric data is validated by the user computing device to ensure integrity and authenticity before being sent. This validation step confirms that the biometric data has not been tampered with and that the device generating the data is authorized. The method enhances security by ensuring that only validated, encrypted biometric data is processed by the remote server, reducing the risk of unauthorized access or manipulation. The validation process may include cryptographic checks, such as digital signatures or hash comparisons, to verify the data's origin and integrity. This approach is particularly useful in applications requiring high-security biometric authentication, such as financial transactions, healthcare systems, or secure access control. By performing validation on the device, the method minimizes exposure of raw biometric data to potential attackers, improving overall system security. The encrypted and validated biometric data is then transmitted to the remote server for further processing, such as authentication or identity verification. This method ensures that biometric data remains secure throughout the transmission and processing pipeline.
13. The method of claim 11 further comprising building a user account profile by storing the first crypto key data within the database as part of the user enrollment process for the digital wallet, and wherein the user account profile is built by using the first account identifier included in the first crypto key data.
A digital wallet system securely manages cryptographic keys and user accounts. The system addresses the challenge of securely enrolling users while maintaining privacy and authentication integrity. During user enrollment, the system generates a first cryptographic key pair, where the private key is stored securely on a user device and the public key is transmitted to a server. The public key includes an account identifier used to uniquely identify the user. The system builds a user account profile by storing the public key data in a database, linking it to the account identifier. This enables secure authentication and transaction processing while ensuring the private key remains exclusively on the user's device. The system may also generate a second cryptographic key pair for additional security layers, such as transaction signing or multi-factor authentication. The account profile is dynamically updated with transaction history and authentication events, allowing for personalized security policies and fraud detection. The method ensures that user identity and cryptographic operations are securely managed without exposing sensitive private keys to the server.
14. The method of claim 11 further comprising correlating the second crypto key data and the historical crypto key data by at least performing a lookup of the first account identifier in the database and matching the first account identifier to the second account identifier.
This invention relates to cryptographic key management systems, specifically for securely correlating and validating cryptographic key data across different accounts or devices. The problem addressed is ensuring accurate and secure matching of cryptographic keys between different accounts or systems, particularly when historical key data is involved. The method involves receiving second crypto key data associated with a first account identifier and historical crypto key data associated with a second account identifier. The second crypto key data may include a public key, a private key, or a key pair, while the historical crypto key data may include previously stored keys or key-related information. The method further includes correlating the second crypto key data with the historical crypto key data by performing a lookup of the first account identifier in a database and matching it to the second account identifier. This ensures that the correct historical key data is associated with the current key data, maintaining security and consistency in cryptographic operations. The correlation process may involve additional steps such as validating the keys or updating the database with the new key data. This method is particularly useful in systems where multiple accounts or devices need to securely share or validate cryptographic keys, such as in distributed ledger technologies, secure communication systems, or identity management platforms.
15. The method of claim 11 further comprising: storing the fraud score within a database as part of the historical data associated with the first crypto key data; and building a score table for the first account identifier, wherein the fraud score table includes one or more fraud scores stored within the database.
This invention relates to fraud detection in cryptographic systems, specifically for identifying and tracking fraudulent activity associated with cryptographic keys. The problem addressed is the difficulty in detecting and mitigating fraud in decentralized or digital transactions where cryptographic keys are used for authentication and authorization. Existing systems often lack mechanisms to track and analyze fraud patterns associated with specific keys or accounts over time, leading to repeated fraudulent activities. The invention provides a method for enhancing fraud detection by storing and analyzing fraud scores linked to cryptographic keys. When a transaction or activity is flagged as potentially fraudulent, a fraud score is generated based on various risk factors. This fraud score is then stored in a database as part of the historical data associated with the cryptographic key involved in the transaction. Additionally, a fraud score table is built for the account identifier linked to the key, compiling multiple fraud scores over time. This table allows for historical analysis, enabling the system to detect patterns, assess risk trends, and improve fraud detection accuracy. The stored fraud scores can be used to refine risk assessment models, block suspicious transactions, or trigger additional verification steps. By maintaining a comprehensive record of fraud-related activity tied to specific keys and accounts, the system can proactively identify and mitigate fraudulent behavior.
16. The method of claim 15 further comprising generating a fraud score associated with the first account identifier by concatenating a plurality of fraud scores stored in the score table.
This invention relates to fraud detection in digital transactions, specifically for identifying and scoring fraudulent activities associated with account identifiers. The system monitors transaction data to detect anomalies or suspicious patterns, such as unusual transaction volumes, geographic inconsistencies, or deviations from typical user behavior. When a potential fraud is detected, the system generates a fraud score for the account identifier by aggregating multiple individual fraud scores stored in a score table. These scores may be derived from different fraud detection models or historical data points. The concatenated fraud score provides a comprehensive risk assessment, enabling more accurate fraud detection and decision-making. The method ensures real-time evaluation of transaction risks by continuously updating the score table with new fraud indicators and recalculating the overall fraud score. This approach improves fraud prevention by combining multiple detection metrics into a single, actionable score, reducing false positives and enhancing security in financial and digital transactions.
17. The method of claim 16 further comprising transmitting the fraud score associated with the first account identifier to a fraud score requestor.
A system and method for fraud detection and scoring in financial transactions involves analyzing transaction data to identify potentially fraudulent activity. The system monitors transactions associated with account identifiers, such as credit card numbers or user accounts, and evaluates them against predefined fraud detection rules or machine learning models. When a transaction is flagged as suspicious, the system generates a fraud score representing the likelihood of fraud. This score is then transmitted to a fraud score requestor, such as a financial institution or payment processor, to inform decision-making. The fraud score may be based on factors like transaction frequency, location discrepancies, or historical fraud patterns. The system may also compare transaction data against known fraud indicators or blacklists. By providing a quantifiable fraud risk assessment, the system helps entities mitigate fraudulent transactions while minimizing false positives. The method ensures real-time or near-real-time fraud detection, allowing for immediate action, such as transaction blocking or additional verification steps. The system may integrate with existing fraud management platforms or operate as a standalone service. The fraud score transmission enables downstream systems to enforce fraud prevention policies, such as transaction declines or manual review triggers.
18. The method of claim 11 wherein the historical crypto key data includes a plurality of instances of received crypto key data.
This invention relates to cryptographic key management, specifically addressing the challenge of securely storing and retrieving historical cryptographic key data for decryption or authentication purposes. The method involves maintaining a record of previously received cryptographic key data, including multiple instances of such data, to ensure backward compatibility and support for legacy systems. The historical crypto key data is stored in a secure manner, allowing authorized systems to access and use the keys for decrypting encrypted communications or verifying digital signatures. The method ensures that even if a key is rotated or updated, older keys remain available for processing previously encrypted data, thus maintaining data integrity and accessibility. The system may include a key management server that securely stores and retrieves these historical keys, ensuring that they are protected from unauthorized access while remaining available to authorized entities. This approach is particularly useful in environments where long-term data retention and backward compatibility are critical, such as in financial transactions, secure communications, or compliance with regulatory requirements. The method may also include mechanisms for key rotation, expiration, and revocation, ensuring that only valid keys are used while maintaining a secure archive of historical keys.
19. The method of claim 11 further comprising automatically generating the authentication response message when the fraud score meets a predefined score threshold.
This invention relates to fraud detection and authentication systems, specifically methods for generating authentication responses based on fraud risk assessment. The system evaluates transaction or user activity data to compute a fraud score, which quantifies the likelihood of fraudulent behavior. When this score exceeds a predefined threshold, the system automatically generates an authentication response message, such as a challenge request or transaction block, to mitigate potential fraud. The method integrates with existing authentication frameworks, allowing dynamic adjustments to security measures based on real-time risk analysis. The fraud score is derived from multiple factors, including historical transaction patterns, user behavior anomalies, and external threat intelligence. The automated response ensures timely intervention without manual oversight, improving security efficiency. The system can be applied to financial transactions, account access, or any scenario requiring fraud risk assessment. The invention enhances security by proactively responding to high-risk activities while minimizing false positives through configurable threshold settings.
20. A non-transitory computer-readable medium that includes computer-executable instructions for authenticating a user, wherein when executed by one or more data controller (DC) computing devices comprising at least one processor in communication with at least one memory device, the computer-executable instructions cause the one or more data controller (DC) computing devices to: receive, as part of a user enrollment process for a digital wallet, first crypto key data including encrypted on-device biometric data, a first device identifier, and a first account identifier; store the first crypto key data within a database in communication with the one or more DC computing devices as historical crypto key data; receive an authentication request message for a payment transaction including second crypto key data, the second crypto key data including a second device identifier, and a second account identifier; correlate the second crypto key data to the historical crypto key data; determine a fraud score for the second transaction, wherein the fraud score is determined based upon the crypto key correlation and historical crypto key data associated with the first account identifier; automatically generate an authentication response message in response to the authentication request message, the authentication response message including the fraud score; transmit the authentication response message; receive third crypto key data, the third crypto key data associated with a previously approved authentication request; determine the third crypto key data is inconsistent with the historical crypto key data from the digital wallet user enrollment process; and expand the historical crypto key data to include the third crypto key data.
This invention relates to a system for authenticating users in digital wallet transactions using cryptographic key data and biometric verification. The system addresses the problem of fraudulent transactions by dynamically analyzing and correlating cryptographic key data to detect inconsistencies and assess fraud risk. During user enrollment, the system receives encrypted on-device biometric data, a device identifier, and an account identifier, storing this as historical crypto key data. For subsequent payment transactions, the system receives new crypto key data, correlates it with the historical data, and calculates a fraud score based on the correlation and historical records. The fraud score is transmitted back to the requester to inform authentication decisions. If a previously approved transaction's crypto key data is later found to be inconsistent with the historical data, the system updates its historical records to include this new data, allowing the system to adapt and improve fraud detection over time. The system operates on one or more data controller computing devices, ensuring secure and scalable authentication processes for digital wallet transactions.
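The enroll, correlate, score, respond and expand sequence recited in claims 1, 11 and 20, as an added Python sketch that is not code from the patent or from this site. The score values, the threshold direction, the `mark_approved` callback and every identifier below are assumptions; the claims say only that the fraud score is based on the crypto key correlation.

```python
"""Sketch of the claimed flow: enroll, correlate, score, respond, expand history."""
from dataclasses import dataclass


@dataclass(frozen=True)
class CryptoKeyData:
    account_id: str
    device_id: str
    encrypted_biometric: bytes = b""  # opaque blob; never decrypted by this code


@dataclass(frozen=True)
class AuthResponse:
    request_id: int
    fraud_score: int
    over_threshold: bool


class DataController:
    # Assumed scale: the claims do not define score values.
    KNOWN_DEVICE, NEW_DEVICE, UNKNOWN_ACCOUNT = 0, 60, 100

    def __init__(self, threshold: int = 50):
        self.threshold = threshold
        self.history: dict[str, list[CryptoKeyData]] = {}  # historical crypto key data
        self.score_table: dict[str, list[int]] = {}        # per-account fraud scores
        self.requests: dict[int, CryptoKeyData] = {}       # what each request carried
        self.approved: set[int] = set()                    # requests later approved

    def enroll(self, first: CryptoKeyData) -> None:
        """Store the enrollment key data as historical crypto key data."""
        self.history.setdefault(first.account_id, []).append(first)

    def correlate(self, key_data: CryptoKeyData) -> tuple[bool, bool]:
        """Look up the account identifier, then check the device identifier."""
        records = self.history.get(key_data.account_id)
        if records is None:
            return False, False
        return True, any(r.device_id == key_data.device_id for r in records)

    def authenticate(self, second: CryptoKeyData) -> AuthResponse:
        """Score an authentication request and build the response message."""
        account_known, device_known = self.correlate(second)
        if not account_known:
            score = self.UNKNOWN_ACCOUNT
        elif device_known:
            score = self.KNOWN_DEVICE
        else:
            score = self.NEW_DEVICE
        request_id = len(self.requests) + 1
        self.requests[request_id] = second
        if account_known:  # scores are kept only for enrolled accounts
            self.score_table.setdefault(second.account_id, []).append(score)
        return AuthResponse(request_id, score, score >= self.threshold)

    def mark_approved(self, request_id: int) -> None:
        """Hypothetical callback: the relying party reports that it approved a request."""
        if request_id not in self.requests:
            raise KeyError(f"unknown request {request_id}")
        self.approved.add(request_id)

    def expand_history(self, third: CryptoKeyData, request_id: int) -> bool:
        """Add key data to the history only if it came from an approved request
        and is inconsistent with what the enrolled account already has on file."""
        if request_id not in self.approved or self.requests[request_id] != third:
            return False
        account_known, device_known = self.correlate(third)
        if not account_known or device_known:
            return False  # nothing enrolled to expand, or already consistent
        self.history[third.account_id].append(third)
        return True


def demo() -> dict:
    """Run the flow on constructed identifiers and return the observable results."""
    dc = DataController()
    dc.enroll(CryptoKeyData("acct-A", "dev-1", b"constructed-ciphertext"))
    same_device = dc.authenticate(CryptoKeyData("acct-A", "dev-1"))
    new_key = CryptoKeyData("acct-A", "dev-2")
    new_device = dc.authenticate(new_key)
    expanded_early = dc.expand_history(new_key, new_device.request_id)
    dc.mark_approved(new_device.request_id)
    expanded_late = dc.expand_history(new_key, new_device.request_id)
    after_expand = dc.authenticate(new_key)
    stranger = dc.authenticate(CryptoKeyData("acct-Z", "dev-9"))
    return {
        "same_device": same_device.fraud_score,
        "new_device": new_device.fraud_score,
        "new_device_flagged": new_device.over_threshold,
        "expanded_early": expanded_early,
        "expanded_late": expanded_late,
        "after_expand": after_expand.fraud_score,
        "stranger": stranger.fraud_score,
        "score_table": list(dc.score_table["acct-A"]),
        "history_len": len(dc.history["acct-A"]),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The history is expanded only after the referenced request has been reported as approved, which is what lets a second device score as known on later requests.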
Unknown
November 24, 2020